Jump to content

Linux: Enable user access only to ProFTP server / Disable user login via ssh scp and sftp


Leon
 Share

Recommended Posts

  • Administrators

1. So let’s begin creating a pseudo shell named /bin/ftpaccess

 

debian:~# touch /bin/ftpaccess

debian:~# echo 'echo "This accout is for ftp access only"' > /bin/ftpaccess

debian:~# echo 'exit 0' >> /bin/ftpaccess

debian:~# chmod +x /bin/ftpaccess

 

2. It’s also necessary to include the just created pseudo FTP shell/bin/ftpaccess in your /etc/shells file.

 

echo '/bin/ftpaccess' >> /etc/shells

 

3. Then edit your /etc/passwd and change in the user shell, you should edit a line similar to:

 

ftp-user:x:1011:1005:FTP User,,,:/home/ftp-user:/bin/bash

 

Afterwards the same user /etc/passwd line declaration should look like:

 

ftp-user:x:1011:1005:FTP user,,,:/home/ftp-user:/bin/ftpaccess

 

Now the ftp-user user should have an FTP file transfer upload/download access to the server but it’s SSH, SCP and SFTP access will be disabled.

 

Talking about disabling access of SFTP it’s worthy to mention the RSSH Project .

RSS is quite cool and is able to restrict a shell access via SSH but same time allow users to use the SFTP and SCP protocols.

Other user feedback/experience for accomplishing the same task is very welcome!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...